Microsoft upgrades security tool that verifies system configuration

As part of the overhaul of its patch management tools, Microsoft on Tuesday released the next version of a tool that detects bad configurations that could leave users open to security vulnerabilities.

The Microsoft Baseline Security Analyzer (MBSA) 1.2 includes support for a number of new Microsoft products, including Exchange 2003 and the past three versions of BizTalk Server. The 1.2 version also is available in three additional languages, French, German and Japanese.

MBSA 1.2 includes support for Office 2000, XP and 2003, however, users can only scan the machine where the MBSA software is running. Remote scans of Office are not supported.

MBSA allows users to scan one or more Windows-based computers to ensure they are up-to-date with the latest security patches. The software checks the operating system and

other components, including Internet Information Server and SQL Server.

The additional components and servers supported in MBSA 1.2 include BizTalk Server 2000, 2002, and 2004; Commerce Server 2000 and 2002; Content Management Server 2001 and 2002; Host Integration Server 2000 and 2004; SNA Server 4.0; Microsoft Virtual Machine; and Microsoft XML 2.5, 2.6, 3.0, 4.0. MSXML is an XML processing engine that works with Internet Explorer.

The new software also supports Microsoft Data Access Component 2.5, 2.6, 2.7, and 2.8, which should avoid a repeat of the problems users recently had installing Microsoft patch MS04-003.

MBSA 1.2 also performs configuration checks on the Internet Connection Firewall, Automatic Updates, Internet Explorer zones and for the version of MBSA itself.

Microsoft is upgrading its tools based on criticism from users who have suffered through patch and security issues over the past few years, most notably the Slammer worm.

MBSA is but one component of Microsoft’s patch overhaul that will include a common assessment engine to verify whether patches are needed; automatic update capabilities for every product; and standardized uninstaller technology. Microsoft also is cutting the number of patch installers from eight to two and developing a single patch-update site for Microsoft products.

Many of the features Microsoft is adding are already available from third-party patch management tools such as those from Shavlik Technologies, which licenses some of its software to Microsoft. Other vendors such as Aelita, BigFix, ConfigureSoft, Ecora, PatchLink and St. Bernard Software also offer patch management tools.

Those tools also offer some features not supported by Microsoft.

“We can do remote scans of Office,” says Eric Shultze, Shavlik’s director of product research and development, referring to the company’s HFNetChkPro. The company’s tools also can check configurations on servers that Microsoft itself has yet to support including Internet Security and Acceleration Server.